MDVSA-2012:153-1
- Package name
- dhcp
- Date
- 2012-10-02
- Advisory ID
- MDVSA-2012:153-1
- Affected versions
- 2011 i586 , 2011 x86_64
Problem description
A security issue was identified and fixed in dhcp:
ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows
remote attackers to cause a denial of service (daemon crash)
in opportunistic circumstances by establishing an IPv6 lease in
an environment where the lease expiration time is later reduced
(CVE-2012-3955).
The updated packages have been patched to correct this issue.
Update:
Packages for Mandriva Linux 2011 is being provided.
The updated packages have been upgraded to dhcp 4.2.4-P2 which is
not vulnerable to this issue.
Updated packages
2011 i586
2fcc769d84e43b66cb386786b8c3fee0 2011/i586/dhcp-client-4.2.4-0.P2.0.1-mdv2011.0.i586.rpm 66a3bcce42ae48736cb8253212c7eb96 2011/i586/dhcp-common-4.2.4-0.P2.0.1-mdv2011.0.i586.rpm 30027b4ef67fa659ac4ff1e7dcfc5479 2011/i586/dhcp-devel-4.2.4-0.P2.0.1-mdv2011.0.i586.rpm e7bef4689915a0fd123bbe6cedc4c289 2011/i586/dhcp-doc-4.2.4-0.P2.0.1-mdv2011.0.i586.rpm a452f75cd1b1aa88095fca4f0b437b94 2011/i586/dhcp-relay-4.2.4-0.P2.0.1-mdv2011.0.i586.rpm 7b8c69543e9d3e8c756d791b054d11e0 2011/i586/dhcp-server-4.2.4-0.P2.0.1-mdv2011.0.i586.rpm f5fc431c0e8c1995191ef11ecc0aaa15 2011/SRPMS/dhcp-4.2.4-0.P2.0.1.src.rpm
2011 x86_64
a95f54f1f4d965fcf21497f072d664d0 2011/x86_64/dhcp-client-4.2.4-0.P2.0.1-mdv2011.0.x86_64.rpm 7085ed104ef6341d4f975a31c333203f 2011/x86_64/dhcp-common-4.2.4-0.P2.0.1-mdv2011.0.x86_64.rpm b2dbbeff1e2cff794afe95ca06f6d41d 2011/x86_64/dhcp-devel-4.2.4-0.P2.0.1-mdv2011.0.x86_64.rpm f50177991a1326b1cc3bc3dc610e5ac6 2011/x86_64/dhcp-doc-4.2.4-0.P2.0.1-mdv2011.0.x86_64.rpm f1b695af971ce898fa7079bad8a965f3 2011/x86_64/dhcp-relay-4.2.4-0.P2.0.1-mdv2011.0.x86_64.rpm 0e7809a34e959074d3d2721315c1d3c0 2011/x86_64/dhcp-server-4.2.4-0.P2.0.1-mdv2011.0.x86_64.rpm f5fc431c0e8c1995191ef11ecc0aaa15 2011/SRPMS/dhcp-4.2.4-0.P2.0.1.src.rpm